You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by An...@fiducia.de on 2006/08/29 13:55:07 UTC
Creating new Session without invalidating the old one
Hello!
Is it possible to create a new session for an already logged in person (which
has an actual session) without invalidating the existing session? It's necessary
for me to have the old session before creating an additional one, because I have
to get few datas from the old session for the new one.
request.getSession(true) gives a new session, but only if the user doesn't have
an existing session.
Any hints?
Kind regards,
Andreas Hartmann
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Creating new Session without invalidating the old one
Posted by Monkeyden <mo...@gmail.com>.
It's not that he wants to save everything when the session is invalidated.
He wants to have two HttpSession objects, representing the same user.
On 8/29/06, Puneet Lakhina <pu...@gmail.com> wrote:
>
> On 8/29/06, Andreas.Hartmann@fiducia.de <An...@fiducia.de>
> wrote:
> >
> >
> > Hello!
> >
> > Is it possible to create a new session for an already logged in person
> > (which
> > has an actual session) without invalidating the existing session? It's
> > necessary
> > for me to have the old session before creating an additional one,
> because
> > I have
> > to get few datas from the old session for the new one.
> >
> > request.getSession(true) gives a new session, but only if the user
> doesn't
> > have
> > an existing session.
> >
> I think you could use session listeners, which fires an event before a
> session is invalidated or created where you could persist any information
> that you want.
>
> --
> Puneet
>
>
Re: Antwort: Re: Creating new Session without invalidating the old
one [*]
Posted by David Durham <dd...@vailsys.com>.
Andreas.Hartmann@fiducia.de wrote:
> Hello!
>
>
> Thank you to all for your hints. Now, I want to tell you, what I did at last.
>
> My application consists of nearly 100% forms. The application is logically
> devided into two parts (-> represented by two browser windows), and it must be
> possible to get from one part to the other. If somebody goes to the other part,
> datas must be migrated from the first one, which needn't to be closed - it's
> possible, that the user works with both parts at the same time.
>
> To achieve these needs, I created an object in the ServletContext, where datas
> are stored, which are needed to migrate from one session to another session. The
> key to these data in this object is the session ID. If an user switches to
> another part of the application, this is done using a direct call to a jsp, like
>
> href=some.jsp;sessionid=E19593A3AB3BB4EBB92C6E64916B729C
>
> I'm using sessionid (and not jsessionid), because this way, the request is
> sessionless (I'm using URL-rewriting for session-tracking and https) and I can
> check in the loginfilter myself, if the request belongs to an already logged in
> user. If the sessionid is valid, the user gets a new one and I can fetch data
> from the ServletContext-object.
My thinking was to put 2 objects in a single session, each representing
a respective window's attribute. 1 session, 2 "windows".
You could just have this new Window class extend HashMap to get
key-value pairs.
-Dave
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Antwort: Re: Creating new Session without invalidating the old one [*]
Posted by An...@fiducia.de.
Hello!
Thank you to all for your hints. Now, I want to tell you, what I did at last.
My application consists of nearly 100% forms. The application is logically
devided into two parts (-> represented by two browser windows), and it must be
possible to get from one part to the other. If somebody goes to the other part,
datas must be migrated from the first one, which needn't to be closed - it's
possible, that the user works with both parts at the same time.
To achieve these needs, I created an object in the ServletContext, where datas
are stored, which are needed to migrate from one session to another session. The
key to these data in this object is the session ID. If an user switches to
another part of the application, this is done using a direct call to a jsp, like
href=some.jsp;sessionid=E19593A3AB3BB4EBB92C6E64916B729C
I'm using sessionid (and not jsessionid), because this way, the request is
sessionless (I'm using URL-rewriting for session-tracking and https) and I can
check in the loginfilter myself, if the request belongs to an already logged in
user. If the sessionid is valid, the user gets a new one and I can fetch data
from the ServletContext-object.
Kind regards,
Andreas Hartmann
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Creating new Session without invalidating the old one
Posted by Puneet Lakhina <pu...@gmail.com>.
On 8/29/06, Andreas.Hartmann@fiducia.de <An...@fiducia.de> wrote:
>
>
> Hello!
>
> Is it possible to create a new session for an already logged in person
> (which
> has an actual session) without invalidating the existing session? It's
> necessary
> for me to have the old session before creating an additional one, because
> I have
> to get few datas from the old session for the new one.
>
> request.getSession(true) gives a new session, but only if the user doesn't
> have
> an existing session.
>
I think you could use session listeners, which fires an event before a
session is invalidated or created where you could persist any information
that you want.
--
Puneet
Re: Creating new Session without invalidating the old one
Posted by Scott Van Wart <sc...@indosoft.com>.
Andreas.Hartmann@fiducia.de wrote:
> Hello!
>
> Is it possible to create a new session for an already logged in person (which
> has an actual session) without invalidating the existing session? It's necessary
> for me to have the old session before creating an additional one, because I have
> to get few datas from the old session for the new one.
>
> request.getSession(true) gives a new session, but only if the user doesn't have
> an existing session.
>
OK this is an odd one, but I'll give it a shot. It seems like you want
to transfer information from one session to another. So I'll offer up a
hypothetical situation. You want a login dialog to pop up when the
user's session times out (let's say after 15 minutes). After about 60
minutes the user decides to log back in, and you want session
information to persist.
Aside from this, I honestly can't see any reason why you'd need to have
two sessions open. If you absolutely must, find a medium where you can
persist the data (even if it's just serializing the objects to a file).
If you didn't want the session to timeout in the first place, then don't
set the timeout so low! You can set session timeout on a per-session
basis with HttpSession.setMaxInactiveInterval. Combine this with
HttpSessionListener and you can set up a mechanism with different
timeouts per session, or with the appropriate authorization Action (a la
struts) and have a timeout-per-user mechanism.
At this point I'm just speculating. You'll need to give a reason _why_
you want to do this, because a lot of people (including myself) seem to
be under the impression that you're working at the wrong solution to a
problem that might not exist.
- Scott
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Creating new Session without invalidating the old one
Posted by Monkeyden <mo...@gmail.com>.
I'm dying to know why you could possibly want 2 sessions.
On 8/29/06, Andreas.Hartmann@fiducia.de <An...@fiducia.de> wrote:
>
>
> Hello!
>
> Is it possible to create a new session for an already logged in person
> (which
> has an actual session) without invalidating the existing session? It's
> necessary
> for me to have the old session before creating an additional one, because
> I have
> to get few datas from the old session for the new one.
>
> request.getSession(true) gives a new session, but only if the user doesn't
> have
> an existing session.
>
>
> Any hints?
> Kind regards,
> Andreas Hartmann
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
Re: Creating new Session without invalidating the old one
Posted by David Delbecq <de...@oma.be>.
It's tricky to force a new session, and most of time depend on the
container.
Since you want to keep a few datas of your session, i'll recommend you
try using
Enumeration HttpSession.getAttributeNames()
HttpSession.removeAttribute(String name)
Andreas.Hartmann@fiducia.de a écrit :
> Hello!
>
> Is it possible to create a new session for an already logged in person (which
> has an actual session) without invalidating the existing session? It's necessary
> for me to have the old session before creating an additional one, because I have
> to get few datas from the old session for the new one.
>
> request.getSession(true) gives a new session, but only if the user doesn't have
> an existing session.
>
>
> Any hints?
> Kind regards,
> Andreas Hartmann
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org